| Vulnerability Name: | CVE-2007-5935 (CCN-38508) | ||||||||||||||||||||||||
| Assigned: | 2007-10-17 | ||||||||||||||||||||||||
| Published: | 2007-10-17 | ||||||||||||||||||||||||
| Updated: | 2018-10-15 | ||||||||||||||||||||||||
| Summary: | Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P) 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||
| References: | Source: CCN Type: Debian Bug report logs - #447081 dvips -z segfault with really long url on \href Source: CONFIRM Type: Exploit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447081 Source: CONFIRM Type: UNKNOWN http://bugs.gentoo.org/show_bug.cgi?id=198238 Source: MITRE Type: CNA CVE-2007-5935 Source: SUSE Type: UNKNOWN SUSE-SR:2008:001 Source: SUSE Type: UNKNOWN SUSE-SR:2008:011 Source: CCN Type: RHSA-2010-0399 Moderate: tetex security update Source: CCN Type: RHSA-2010-0401 Moderate: tetex security update Source: CCN Type: SA27672 teTeX Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 27672 Source: SECUNIA Type: Vendor Advisory 27686 Source: SECUNIA Type: Vendor Advisory 27718 Source: SECUNIA Type: Vendor Advisory 27743 Source: SECUNIA Type: Vendor Advisory 27967 Source: SECUNIA Type: Vendor Advisory 28107 Source: SECUNIA Type: Vendor Advisory 28412 Source: SECUNIA Type: Vendor Advisory 30168 Source: GENTOO Type: UNKNOWN GLSA-200711-26 Source: GENTOO Type: UNKNOWN GLSA-200711-34 Source: GENTOO Type: UNKNOWN GLSA-200805-13 Source: CCN Type: SECTRACK ID: 1019058 teTeX Buffer Overflows Let Remote Users Execute Arbitrary Code and Unsafe Temporary Files Let Local Users Overwrite Files Source: CCN Type: teTeX Web site teTeX Source: CONFIRM Type: UNKNOWN http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266 Source: CCN Type: GLSA-200711-26 teTeX: Multiple vulnerabilities Source: CCN Type: GLSA-200711-34 CSTeX: Multiple vulnerabilities Source: CCN Type: GLSA-200805-13 PTeX: Multiple vulnerabilities Source: MANDRIVA Type: UNKNOWN MDKSA-2007:230 Source: CCN Type: OSVDB ID: 42237 teTeX dvips hpc.c DVI File href Tag Handling Overflow Source: BUGTRAQ Type: UNKNOWN 20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts Source: BID Type: UNKNOWN 26469 Source: CCN Type: BID-26469 teTeX DVI File Parsing Multiple Vulnerabilities Source: SECTRACK Type: UNKNOWN 1019058 Source: CCN Type: TeX Live Web site TeX Live Source: CCN Type: USN-554-1 teTeX and TeX Live vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2007-3896 Source: MISC Type: UNKNOWN https://bugzilla.redhat.com/show_bug.cgi?id=368591 Source: XF Type: UNKNOWN tetex-dvi-bo(38508) Source: CONFIRM Type: UNKNOWN https://issues.rpath.com/browse/RPL-1928 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11311 Source: UBUNTU Type: UNKNOWN USN-554-1 Source: FEDORA Type: UNKNOWN FEDORA-2007-3390 Source: SUSE Type: SUSE-SR:2008:001 SUSE Security Summary Report Source: SUSE Type: SUSE-SR:2008:011 SUSE Security Summary Report | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||